Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×

Comment Re:Good operating systems Dont. (Score 1) 564

This. Also, a more database like filesystem, like Longhorn was to have, and somewhat along the lines of how Windows Vista/7/8/10 handle metadata gathering on libraries.

Windows already handles the problem correctly. UAC lets you know when a file is trying to run in an executable manner. Android is similarly good about handling APKs.

File extensions need to go away (but remain for legacy systems) and be replaced with filesystem metadata which controls access and execution. In a way, it opens the door for two-part malware, a registered system extension for a given file type, and an otherwise unknown filetype metadata (e.g. .FLV / flash-video-meta-file-type and Flash player) which together work in concert to deliver the malicious cargo.

Comment Re:"risks serious damage to the system" (Score 1) 138

Overclocking is no longer a stability taboo for the tinkerers to get their hands into. The barrier to overclocking used to be BIOS settings, jumpers, or specialized 3rd party software.

It makes sense that the driver package enabled overclocking should be a feature the manufacturer has control over. It's senseless and stupid to overclock a notebook GPU in the first place.

nVidia probably started getting calls from one of the OEMs like Dell or HP showing that many expensive warranty replacements were tracked down to GPU thermal issues. At that point they end up in a bad situation with the OEM because the customer has long gone with the replacement hardware and it is difficult to pin the blame on them when they are going to plead ignorance. An overheating GPU probably means a complete replacement of the motherboard and CPU, possibly even RAM and SSD on boards where all of that is integrated and soldered direct to a single system board. In some situations it could be melting plastic housings and causing battery failure. That's a lot of wasted product because some idiot wanted to run Minecraft a few FPS higher.

"Things you can't have because others are too stupid for $400, Alex"

Comment Re:Yes... (Score 1) 809

It's called a bell curve. If you expect excellence at any vocation, you're only going to find about 20% of the area under the curve meets expectations. Competence probably only covers 40-60% of the curve in many industries.

Unfortunately, there isn't a good way to filter and remove the bottom 20-30% who shouldn't be working in their given industry. If we could, it would cause massive efficiency improvements worldwide, but we would probably end up with a nice chunk of the bottom 20% being unemployable due to their incompetence being a global personal property rather than isolated to just what they do today. Basically, accepting the incompetent in the workplace is a alternate form of welfare.

Comment Re:buckshot (Score 1) 208

Well, the best defense to a swarm of drones is a swarm of vastly greater numbers of smaller, cheaper drones, likely with lower range. I guess buckshot more or less is collapsing that escalation towards the end-game.<br><br>Now, self-guided droneshot... that's the ticket.

Comment Re:Extradition? (Score 1) 299

Commercial insurance, yes. Lincensure, perhaps. And their employers should be covering the cost. Pizza places should be providing vehicles for the amount of wear and tear all those short trips cause to a car. It's scam employment at it's finest. Pay someone under minimum wage on the basis of tips, then dump the costs of doing business (gas, car maintenance, insurance) on them as if they were a contractor (also not particularly legal).

Parents who let their high school kids get a job delivering pizza instead of flipping burgers or digging ditches are incredibly ignorant and part of the problem.

 

Comment Extradition? (Score 1, Interesting) 299

I am usually extremely against extradition to foreign countries for minor legal infractions, but can Australia go ahead and grab all of the Uber corporate HQ employees under whatever equivalent to RICO, obstruction, and similar organized crime laws they have.

We know Uber is an illegal taxi service in many (most?) jurisdictions in which they operate. I hope that these actions are of a scale and deliberateness to go ahead and start hitting them with the bigger crime laws since most governments have been hesitant to attack the head.

Comment Re:I don't get it. (Score 1) 150

I work in corporate environments. You're still well within the range of physical proximity attacks. Acoustic keyboard analysis works on both wired and wireless keyboards. Wired keyboards are still subject to, and perhaps even easier to listen into their EMR characteristics.

A younger generation would be better served by a general understanding of EMR, more specifically the fundamental physics of electricity, inductance, and RF. Understanding the general underlying principals from the science side, then the security side, and one needs no introduction to such attack vectors. They are natural results of knowledge.

Comment I don't get it. (Score 0) 150

Articles on new security breaking or testing devices never make sense from the perspective of why is this interesting. Another device that uses pretty vanilla methods to accomplish a trivial but scary sounding task. If it requires physical access or certain proximity, it's not novel, it's just a rehash of known methods for compromising devices not designed to be secure in the first place.

Hardware keyboard loggers have been around since the 80's. Now because this one does it over unlicensed RF, that makes it interesting? No. Sniffing RF keyboards has been done for nearly 10 years now.

And this one wastes the power of an Arduino when nothing remotely that sophisticated is required. Oh, I get it, buzzwords. Why didn't they use a Raspberry PI hooked up to the Arduino to upload the sniffing over Wifi and provide remote control. That has way more script kiddie / proto-board masher street cred.

If we're going to go all TEMPEST then they should try to grab video output from RF as well.

Comment Re: Is that engine even running? (Score 2) 89

Computationally, running a car engine is trivial for a raspberry pi. Early EFI used processors in the KHz range and even current ECUs like Megasquirt use 16 bit 50 or 100 MHz processors.

Fuel injection and spark events only occur at the 10s of Hz scale (topping out at around 60 each per second). Even if you handle cam phasing and MAF sampling at 100 times that interval, you're still within the computational work load of a couple dozen MHz of instructions.

The research is only interesting because they are taking advantage of way overspecced processing power to approach combustion more granularly per event and trying to learn from each one and control the next. It only got press here because they used Linux (anything production grade would use QNX or similar).

The expensive part of an ECU isn't the processor. It is supporting circuitry to tolerate lots of EMI noise, varying supply voltages, and lastly, driving fuel injectors (they're actually a PITA because of voltage / current / pulsing).

If they really want to get ambitious, their system will learn the exact intake geometry effects(intake asymmetry) , individual injector flow characteristics, and cylinder geometry (build up, hot spots) and thermal trends just by watching I/O.

Comment Re:Free? (Score 1) 703

Where I am (TX), it is very easy for 2 years at a CC to knock out 2 years at a university. The trick is to take everything from the common core, and get the correct list either from the CC or the possible university choices of what courses to take that transfer most directly towards the chosen major. One other reason 2 years at a CC frequently doesn't knock off 2 years at university is that many times students are taking catch-up classes that freshmen at a university wouldn't take. For example, I had been out of school for around 10 years and decided I should take Trigonometry at the CC before taking Calculus 1 at the university. None of the on-time freshmen for the major I was pursuing started at less than Calculus 1 their first semester.<br><br>If one doesn't know what to ask as far as course load from the CC, they will usually put you in a few of the catch-up type classes of material you should have from high school because of the sheer number of students they have which need them.<br><br>It is all about planning.

Comment Obvious... (Score 4, Interesting) 703

The federal school loan program is turning out to be wildly profitable new tax program for the federal government. The loans are exempt from bankruptcy and are typically $40+k per student.

It's incredibly affordable with the amount of federal, state, and county money already subsidizing community colleges to pick up the last 5-10%. This is more likely a program to entice mediocrity into buying into federal school loans for universities after 2 years at the community college level. The GPA requirement is clearly a troll move unless we're going to get honest as a country and start making the 2.5-3 range GPA kids take trades classes at the community college.

Even worse, by making the 2 years free, many students will be skating by on a lot of electives and "fun" classes which will keep them in the perpetual life student mindset. This is the same error that came with making parents responsible for their children's health insurance until they are 25.

Lastly, this is finally saying that the K-12 system is broken and we're not going to fix it. What better way to say that a HS diploma is worthless than making an Associate's degree a freebie.

If you want to incentivize hard work, pay for the last year at a university for students who finish "on time" in 4-4.5 years.

Comment Re:Why not as civilians? (Score 1) 223

As an IT guy not currently fit enough for military service, I completely agree with basic combat training. I have a lot of respect for the military and wouldn't want to join if I couldn't physically back up fellow troops in a pinch.

If there are technicians important for military support and technology missions, they can be part of a civilian group or one of the various security services like the NSA or CIA which does not have operational combat requirements for all members.

Comment A Crock (Score 1) 19

Between TOR and Bitcoin, you would think these things were designed by security services like the NSA or GCHQ. TOR is slow, onerous, and never provided reliable anonymity. If anything, the low network throughput was part of the design to slow the dissemination of large files like government documents and child pornography.

Bitcoin is only anonymous while the exchanges hide your identity. Rather than actually anonymizing transfers, Bitcoin is the ultimate currency tracking tool, leaving a user identifiable trace on every transaction. It literally leaves a trace where law enforcement can say that a $20 drug purchase was funneled to buy guns for organized crime. Further, Bitcoin looks more like a large scale generator for encryption cracking rainbow tables.

Besides the darknet lurkers and delusionally paranoid journalists (ahem Dan Goodin), TOR never has found use for anything legitimate, it's all just drugs, porn, and bad tin foil hat literature. Even Bittorrent has reasonable use cases (works great for backing up very large files from point A to B on a one time basis).

Slashdot Top Deals

Many people are unenthusiastic about their work.

Working...